Block After First Download

Purpose

Protect transfers from uncontrolled access by blocking them after the first download.

Details

By default, anyone with access to a valid transfer URL can access its files. This feature tries to reduce this potential risk of data leakage, by blocking access to a transfer after the first transfer-file has been downloaded. A user who has initiated the first download of a file of the transfer may still download additional files within the same browser session. Afterwards access within new browser sessions are denied.

Accessing a blocked transfer, or a file of a blocked transfer, presents the user with a warning:

Image

The sender and receiver of the transfer can always access a transfer within an authenticated session, even after the transfer has been blocked.

Note

  • After the last bytes of an arbitrary file of the transfer have been successfully downloaded, the transfer will be marked as downloaded, resulting in the block-state. Only the very first downloading person may continue to download the other files of the transfer (if present) in the very same browser session.

Configuration

  • Scope: adminunit
  • Privileges: admin
  • Default: no
  • Effective: immediate, affects old and new transfers

The configuration can be set in the admin interface, in section server settings, subsection security settings:

Image

Dependencies

none

Conflicts

The feature conflicts with other features:

  • In combination with Forced Password Protection, the result is confusing: The transfer. blockage is no resolved by entering the transfer password.
  • In combination with Recipient Authentication, the feature becomes useless, since the recipient is forced to authenticate anyway.

Customers who are interested in this feature may consider using RecipientAuthentication or Forced Password Protection instead.

Changes

  • Version 2016.08.05: Previously only one file of a transfer could be downloaded - the next download attempt by the same person was denied. Now multiple downloads of files of a the same transfer may still be downloaded within the original browser session, thus making it possible to send more than one file when the feature is enabled.